A Fresh Look at Separation Algebras and Share Accounting
APLAS '09 Proceedings of the 7th Asian Symposium on Programming Languages and Systems
A theory of indirection via approximation
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Concurrent separation logic for pipelined parallelization
SAS'10 Proceedings of the 17th international conference on Static analysis
Step-indexed kripke models over recursive worlds
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Making prophecies with decision predicates
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logical mix of approximation and separation
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Step-Indexed Kripke Model of Separation Logic for Storable Locks
Electronic Notes in Theoretical Computer Science (ENTCS)
Time Bounds for General Function Pointers
Electronic Notes in Theoretical Computer Science (ENTCS)
Hi-index | 0.00 |
We define a Concurrent Separation Logic with first-class locks and threads for the C language, and prove its soundness in Coq with respect to a compilable operataional semantics. We define the language Concurrent C minor, an extension of the C minor language of Leroy. C minor was designed as the highest-level intermediate language in the CompCert certified ANSI C compiler, and we add to it lock, unlock, and fork statements to make Concurrent C minor, giving it a standard Pthreads style of concurrency. We define a Concurrent Separation Logic for Concurrent C minor, which extends the original Concurrent Separation Logic of O’Hearn to handle firstclass locks and threads. We then prove the soundness of the logic with respect to the operational semantics of the language. First, we define an erased concurrent operational semantics for Concurrent C minor that is a reasonable abstraction for concurrent execution on a real machine. Second, we define a new modal substructural logic which we use as the model for assertions in Concurrent Separation Logic. Third, we define an unerased concurrent operational semantics for Concurrent C minor that keeps track of additional bookkeeping to demonstrate the programs are well-behaved. Fourth, we define an oracle semantics that is a thread-local semantics of Concurrent C minor; this allows us to separate the metatheory of sequential and concurrent computation from each other. Fifth, we give a new semantics to the Hoare tuple using our modal substructural logic that connects Concurrent Separation Logic to our oracle semantics and then connect our oracle semantics to our concurrent semantics. Our soundness proofs are largely implemented in 60,000 lines of Coq; our modular proof design allows us to largely reuse a significant portion of the soundness proofs of the sequential subset of Concurrent Separation Logic developed by Appel and Blazy. Our ability to reuse those proofs gives us confidence that we will be able to modify the CompCert compiler proofs to handle Concurrent C minor in the future.